CVE-2025-68351

Advisory lineage Upstream: 0 Downstream: 28

Downstream

DEBIAN-CVE-2025-68351 DSA-6126-1 OPENSUSE-SU-2026:10039-1 OPENSUSE-SU-2026:10301-1 OPENSUSE-SU-2026:20145-1 SUSE-SU-2026:0278-1

Analyzed

Published: 24 Dec 2025, 10:32

Last modified:27 May 2026, 09:28

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

<0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

24 Dec 2025, 10:32

Published

Vulnerability first disclosed

27 May 2026, 09:28

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfat_find Fix refcount leaks in `exfat_find` related to `exfat_get_dentry_set`. Function `exfat_get_dentry_set` would increase the reference counter of `es->bh` on success. Therefore, `exfat_put_dentry_set` must be called after `exfat_get_dentry_set` to ensure refcount consistency. This patch relocate two checks to avoid possible leaks.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 0%

Affected Systems

linux•linux
≥ 92075758782c5edb4c67d0da9e47586a624c22f7, < fc9ce762525e73438d31b613f18bca92a4d3d578 | ≥ 13940cef95491472760ca261b6713692ece9b946, < d009ff8959d28d2a33aeb96a5f7e7161c421d78f | ≥ 13940cef95491472760ca261b6713692ece9b946, < 9aee8de970f18c2aaaa348e3de86c38e2d956c1d | 0c8a1d2afd0dce0ea9257ab8c2271d8db6cb575d | 6c627bcc1896ba62ec793d0c00da74f3c93ce3ad | ≥ 6.12.23, < 6.12.68 | ≥ 6.13.11, < 6.14 | 6.14
linux•linux_kernel
≥ 6.12.23, < 6.12.68 | ≥ 6.12.59, < 6.13 | ≥ 6.13.11, < 6.14 | ≥ 6.14.1, < 6.18.2 | 6.14 | 6.14:rc6 | 6.14:rc7